RFC 2984 (rfc2984) - Page 2 of 6
Use of the CAST-128 Encryption Algorithm in CMS
Alternative Format: Original Text Document
RFC 2984 CAST-128 in CMS October 2000 commercial and non-commercial uses worldwide [IPR], and therefore is widely used in a number of applications around the Internet. It thus seems to be a suitable optional encryption algorithm for S/MIME. This document describes how to use CAST-128 within the S/MIME CMS specification. 2. Specification This section provides the OIDs and processing information necessary for CAST-128 to be used for content and key encryption in CMS. 2.1 OIDs for Content and Key Encryption CAST-128 is added to the set of optional symmetric encryption algorithms in CMS by providing two unique object identifiers (OIDs). One OID defines the content encryption algorithm and the other defines the key encryption algorithm. Thus a CMS agent can apply CAST-128 either for content or key encryption by selecting the corresponding object identifier, supplying the required parameter, and starting the program code. For content encryption the use of CAST-128 in cipher block chaining (CBC) mode is RECOMMENDED. The key length is variable (from 40 to 128 bits in 1-octet increments). The CAST-128 content-encryption algorithm in CBC mode has the following object identifier: cast5CBC OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) nt(113533) nsn(7) algorithms(66) 10} The parameter associated with this object identifier contains the initial vector IV and the key length: cast5CBCParameters ::= SEQUENCE { iv OCTET STRING DEFAULT 0, -- Initialization vector keyLength INTEGER -- Key length, in bits } Comments regarding the use of the IV may be found in [RFC 2144]. The key-wrap/unwrap procedures used to encrypt/decrypt a CAST-128 content-encryption key with a CAST-128 key-encryption key are specified in Section 2.2. Generation and distribution of key- encryption keys are beyond the scope of this document. Adams Standards Track
